CVE-2021-44228
CVE-2021-44228
Hi
Is Nagios and/or the ELK stack affected by CVE-2021-44228 ?
Best
Jan
Is Nagios and/or the ELK stack affected by CVE-2021-44228 ?
Best
Jan
Re: CVE-2021-44228
I also would like a reply on this matter, a swift reply from Nagios would be appreciated.
Grtz. Hans
Grtz. Hans
Re: CVE-2021-44228
I am also interested here, if XI is affected by this vulnerability.
Re: CVE-2021-44228
I would also like to know, if Nagios XI is affected.
-
- Posts: 7
- Joined: Tue May 19, 2015 8:18 am
Re: CVE-2021-44228
Me too!
Code: Select all
[root@nagiosls /]# find / -name *log4j*
/usr/local/nagioslogserver/elasticsearch/lib/apache-log4j-extras-1.2.17.jar
/usr/local/nagioslogserver/elasticsearch/lib/log4j-1.2.17.jar
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/jruby-jms-1.2.0-java/test/log4j.properties
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch_java-2.1.3/vendor/jar-dependencies/runtime-jars/apache-log4j-extras-1.2.17.jar
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch_java-2.1.3/vendor/jar-dependencies/runtime-jars/log4j-1.2.17.jar
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-beats-3.1.14-java/vendor/jar-dependencies/log4j
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-beats-3.1.14-java/vendor/jar-dependencies/log4j/log4j
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-beats-3.1.14-java/vendor/jar-dependencies/log4j/log4j/1.2.17/log4j-1.2.17.jar
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/zk-1.9.6/spec/log4j.properties
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-log4j-2.0.7-java
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-log4j-2.0.7-java/logstash-input-log4j.gemspec
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-log4j-2.0.7-java/vendor/jar-dependencies/runtime-jars/log4j-1.2.17.jar
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-log4j-2.0.7-java/lib/logstash/inputs/log4j.rb
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-log4j-2.0.7-java/lib/logstash-input-log4j_jars.rb
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/jruby-kafka-1.5.0-java/lib/org/slf4j/slf4j-log4j12
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/jruby-kafka-1.5.0-java/lib/org/slf4j/slf4j-log4j12/1.7.13/slf4j-log4j12-1.7.13.jar
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/jruby-kafka-1.5.0-java/lib/log4j
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/jruby-kafka-1.5.0-java/lib/log4j/log4j
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/jruby-kafka-1.5.0-java/lib/log4j/log4j/1.2.17/log4j-1.2.17.jar
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/zookeeper-1.4.11-java/spec/log4j.properties
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/slyphon-log4j-1.2.15
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/slyphon-log4j-1.2.15/log4j.gemspec
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/slyphon-log4j-1.2.15/lib/log4j-1.2.15.jar
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/slyphon-log4j-1.2.15/lib/log4j.rb
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/slyphon-log4j-1.2.15/lib/log4j
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/specifications/slyphon-log4j-1.2.15.gemspec
/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/specifications/logstash-input-log4j-2.0.7-java.gemspec
Re: CVE-2021-44228
I would like to know ASAP also
-
- Posts: 121
- Joined: Tue Jan 30, 2018 3:29 am
- Location: UK
Re: CVE-2021-44228
I would also like to know.
From what I can see log4j is not used on Nagios XI, but is on Nagios Log.
From what I can see log4j is not used on Nagios XI, but is on Nagios Log.
-
- Posts: 2
- Joined: Tue May 07, 2019 10:35 am
Re: CVE-2021-44228
add another concerned customer to the list of would like to know...
-
- Posts: 5
- Joined: Thu Jul 26, 2018 4:33 am
Re: CVE-2021-44228
Anyone from Nagios support to share the updates quickly on this subject matter
Re: CVE-2021-44228
Another customer using Nagios XI, that would like to know if we are affected by this vulnerability.
Thank you.
Thank you.